With the prolific use of the Internet, many people and businesses have come to rely on network communications. Because of this reliance, the need for secure means of transmitting data has become significant for individuals and businesses alike. As a consequence, there is an ever present need for evolving security in communications over networks and the Internet. In particular, there is a need for improved approaches to ensuring the confidentiality of private information.
Cryptography is the practice and study of techniques for secure communication in the presence of third parties. Public-key cryptography, which is also known as asymmetric cryptography, refers to a cryptographic algorithm that requires two separate keys: a private key and a public key. These keys may be referred to collectively as a key pair. The private key is kept secret, but the public key is widely distributed. A private key and its corresponding public key are mathematically linked, but the parameters are chosen so that calculating the private key from the public key is extremely difficult.
Public-key cryptography facilitates the use of digital signatures. In particular, a message that is digitally “signed” (i.e., processed in accordance with an appropriate cryptographic algorithm) using the sender's private key may be verified by anyone who has access to the sender's public key. A valid digital signature gives a recipient reason to believe that the message was actually created by the sender.
One issue associated with the use of public-key cryptography is related to determining whether a particular public key is authentic, i.e., whether the public key is correct and belongs to the person or entity claimed, and has not been tampered with or replaced by a malicious third party. Typically, a public-key infrastructure system is used to address the issue of authenticity. Aspects of the present disclosure are directed to improvements related to management of public-key infrastructure systems.